package comautomannn.tomcat.practice.springBootWeb;

import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter;
import org.springframework.stereotype.Component;

import javax.servlet.*;
import java.io.IOException;

/**
 * @author chenkh
 * @time 2021/10/19 11:47
 */
@Component
public class SpringSecurityConfig extends WebSecurityConfigurerAdapter {
    @Override
    protected void configure(HttpSecurity http) throws Exception {
        http.sessionManagement().maximumSessions(3).and().and().csrf().disable().cors().and().addFilterBefore(new Filter() {
            @Override
            public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException, ServletException {
                System.out.println("自定义过滤器测试!!");
                chain.doFilter(request,response);
            }
        }, UsernamePasswordAuthenticationFilter.class).authorizeRequests().anyRequest().authenticated();

    }
}
